DockerDay 2015: From months to minutes - How GE appliances brought docker into the enterprise

From Months to MinutesHow GE Appliances Brought Docker Into the Enterprise

Nguyen Dang Quang – Cloud Solution Architect

From Months to MinutesHow GE Appliances Brought Docker Into the Enterprise

Tom Barber – Cloud Computing Technologist Brett

Luckabaugh – Enterprise Software Architect

GE Appliances

GE Appliances is at the forefront of buildinginnovative, energy-efficient appliances that

improve people’s lives.

•

•

•

Headquartered in Louisville, KY

$5 Billion+ in revenue

12,000+ employees

geappliances.com

Our Team

Byron Guernsey Ryan GrothouseKeenan Gizzi

Allan Clark Priya Ramaswamy Eric SageJason Burks

Kevin PriceJustin Roberts

James Strong

Tom Barber

Brett Luckabaugh

About as enterprise IT as you can get…

Open

project

ticket

1 day

Meet with

Project

leader

3 days

Open infra

tickets

3 days

Infra manually built

1 week

Infra audited

1 week

6 weeks!

Software/app

configured

1 week

Repeatable Reproducible

I’ll have 1 cloud please…

•

•

•

•

Mid 2012: Formation of a cloud focused team with anagile culture

Goals: Automate Infrastructure, Modernize Paradigm

Leveraged Puppet

1 year to self-service IaaS solution

That’s a little more like it…

3 weeks

Repeatable Reproducible

15 minutes

Request VM from

portal

Software/app configured

1 week

Good start... Now what?

•

•

•

•

2013: Improve IaaS

Exploring self-service application platform

(PaaS) automation

Leverage Puppet as our PaaS toolset

App owners develop and contribute to puppetmodules

Eh…maybe not so much

•

•

•

Terrible rate of adoption

- High barrier to entry for app owners

- Reluctant to learn or write Puppet despite industry training

- Highly heterogeneous environment with proprietary apps

Our Team – The Bottleneck

Generic Builds

- Avoiding automation

- Manually configured environments -> snowflakes

- Access and privilege restrictions

- Tickets and waiting

- No way to quickly replicate environments

It’s not you…it’s me

•

•

•

Early 2014 - Our team was having success withPuppet for IaaS and DBaaS

However, our larger organization was not

having success using Puppet for self-servicePaaS

But where do we go from here?

What about this Docker…

•

•

Started at DockerCon 2014

Docker + Mesosphere - August 2014

- Docker

•

•

•

High portability

Lower barrier to entry -> possibly drive greater adoption? – if you can use a shell, you can grasp a Dockerfile

- Mesosphere

Fast deployments, scheduling of tasks, scaling, managementof containers, self-healing/fault tolerant, simplification of datacenter management

Our self-service gap

•

•

Process gap between Docker and our Users

- No shell access to Docker

- Can’t deploy Docker from Marathon UI

- Users not going to build API calls

- Lets not just turn everyone loose on the full API

How do we bridge that Gap?

- Looked for tools in August 2014, found none that really met our needs

What’s Voyager?

•

•

•

Web application to bridge the gap

Three person team developed initial MVP version in 2 weeks

MVP features:

- Automated Docker builds without shell access

- Images built from GitHub repositories

- Configurable RESTful service discovery/load balancing

- UI and APIs to tie it all together

•

•

UI – ease of use for all

APIs – enable continuous integration

HAProxy

I can haz DevOps?

< 30 minutes

Write Dockerfile

30 seconds

Request in Voyager

Repeatable

Reproducible

I think our compliance lead just exploded…

•

•

•

•

New concept of immutable infrastructure

- ITIL/Compliance

- How do I ssh? Which Server?

- What do I do if my app instances are having problems?

Education gap on Docker principals

Highly heterogeneous environment

- How do I support everything, but do it well?

Security

- Freedom to put whatever in container?

It’s all about that app…

• A focus shift from infrastructure to app

- ITIL/Compliance

•

•

Policies and processes historically geared towards infrastructure

Must shift to the app in this model

•

•

Provide Education

- Help users differentiate images/containers, encourage environment variable configuration, best practices

Adding features constantly, but carefully

- Highly heterogeneous environment

•

•

Focus on being really good at running Docker containers

Balance accommodating everything with keeping it simple

Dude…where's my server?

•

•

How do I ssh? Which Server?

- No shell is an adjustment

- External log shipping provides insight

- Encourage new mindset with uneasy app owners

What do I do if my app instances are havingproblems?

- Break our old habits of server hugging

- Just throw bad ones away and replace

- Cheapening of app delivery enables this

Bro…it’s probably fine

• Security

- Double edged sword - freedom vs. control

•

•

•

•

•

Encourage best practices

Education

Minimize container footprint/attack vectors

Shift/decentralize security responsibility to app teams

App teams take over patching

So does it work?

•

•

•

Benefits

- Instant scalability

- 14x density

User feedback on usability is positive

Docker adoption rates are high

- Currently running 350+ apps = 800+ containers, and growing daily

- Our most critical applications are running in Docker

Flexibility

- Supports legacy applications well

- Enables modern practices - micro-services and continuous integration

•

1954 – GE Appliance Park – First non-

government owned computer - Univac-1Serial Number 8

Fast forward 61 years…

•

•

•

•

Same data center, slightly different hardware

Ongoing project to move apps to new private

and public clouds

Planned exit strategy -> multiple years

With Docker in the fold?

- Completed so far 45%+ in ~4 months

So where do we go next?

•

•

Broad Open Issues

- Windows support?

- Persistent storage?

- Networking (SDN containers)?

Organizational Goals

- Oracle ERP in Docker?

- Drive density - 1000’s of containers per blade

- Too many load balancers -> containerize -> improve service discovery

- Honeybadger - Multi-cloud spanning/support

- Pushing Docker’s portability to its logical conclusion

Thank you

Tom [email protected]@barberta2

Brett [email protected]@OverflownStack